Coding v5.2.0

IllegalMethodCall

Flags calls to methods with certain names. Occurrences are flagged based on the name alone; the type of the object to which the method belongs is not taken into account.

This is a low-tech mechanism for certain types of code governance, such as preventing use of reflection through Class.forName() or Constructor.newInstance().
The scattergun approach used by this check may get you some false positives, which may have to be suppressed.

Properties

This check must be configured explicitly for certain method names; it does nothing by default.

Comma-separated list of method call qualifiers which indicate that a call should be excluded.
For example, if the call was JAXBContext.newInstance();, then JAXBContext
is the qualifier (the part of the full identifier that comes before the dot). In other words, method calls
with one of the qualifiers listed here are not illegal. Note that only identifiers can be used here,
not expressions. Also, type arguments are ignored: For example, Foo.<String>legalMethod(arg)
has the qualifier Foo.none

Custom Messages

In addition to the properties, optionally adding a message element may benefit this check to make the warning easier to understand. The message key is illegal.method.call, and it features one optional placeholder ({0}), which is the name of the flagged method. The placeholder is useful when the list of illegal method names contains more than 1 entry.

Parent Module

LostInstance

Checks that object instances created explicitly with new are actually used for something. Just being assigned to a variable or passed as a parameter is enough. A full data flow analysis is not performed.

This helps discover cases like the following:

if(x<0)newIllegalArgumentException("x must be nonnegative");

It was probably the intent of the programmer to throw the created exception:

if(x<0)thrownewIllegalArgumentException("x must be nonnegative");

The instance might have been created in order to make use of a constructor side effect, but such a case would be a bug in its own right.

This check was inspired by the FindBugs detector RV_EXCEPTION_NOT_THROWN. However, this check is not restricted to exceptions.